/*
AlliedBridge Content Management System
Copyright (C) 2006 AlliedBridge

This program is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software Foundation;

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
package org.volume4.alliedbridge.userManager;

import org.volume4.utils.ServletUtilities;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;

public class AddUser extends HttpServlet {

	public String DRIVER, URL, USER, PASS;
        public String username, password, user_role, prefix, first_name, last_name, 
        postfix, address, state, country, zip, phone, fax, email, url;
        
        public void init() throws ServletException {
        ServletContext context = getServletContext();
        DRIVER = context.getInitParameter("driver");
	URL = context.getInitParameter("dburl");
        USER = context.getInitParameter("dbuser");
        PASS = context.getInitParameter("dbpass");
        }


	public void doGet (HttpServletRequest request, HttpServletResponse response)
				throws ServletException, IOException {
	response.setContentType("text/html");
	PrintWriter out = response.getWriter();
	Connection con = null;

	try {	                
                Class.forName(DRIVER);
		con = DriverManager.getConnection(URL,USER,PASS);
		Statement stmt = con.createStatement();
                
                username = ServletUtilities.filter(request.getParameter("username"));
                password = ServletUtilities.filter(request.getParameter("password"));
                user_role = ServletUtilities.filter(request.getParameter("user_role"));
                prefix = ServletUtilities.filter(request.getParameter("prefix"));
                first_name = ServletUtilities.filter(request.getParameter("first_name"));
                last_name = ServletUtilities.filter(request.getParameter("last_name"));
                postfix = ServletUtilities.filter(request.getParameter("postfix"));
                address = ServletUtilities.filter(request.getParameter("address"));
                state = ServletUtilities.filter(request.getParameter("state"));
                country = ServletUtilities.filter(request.getParameter("country"));
                zip = ServletUtilities.filter(request.getParameter("zip"));
                phone = ServletUtilities.filter(request.getParameter("phone"));
                fax = ServletUtilities.filter(request.getParameter("fax"));
                email = ServletUtilities.filter(request.getParameter("email"));
                url = ServletUtilities.filter(request.getParameter("url"));
                                
		String query = "INSERT INTO mi_users " +
                               "(username, password, user_role, prefix, first_name, " +
                               "last_name, postfix, address, state, country, zip, " +
                               "phone, fax, email, url)" + 
                               "VALUES('" 
                               + username + "', " +
                               "'" + password + "', " +
                               "'" + user_role + "', " +
                               "'" + prefix + "', " +
                               "'" + first_name + "', " +
                               "'" + last_name + "', " +
                               "'" + postfix + "', " +
                               "'" + address + "', " +
                               "'" + state + "', " +
                               "'" + country + "', " +
                               "'" + zip + "', " +
                               "'" + phone + "', " +
                               "'" + fax + "', " +
                               "'" + email + "', " +
                               "'" + url + "')";          
              
                int result = stmt.executeUpdate(query);
              
                response.sendRedirect(request.getParameter("redirectURL"));	
        
} catch (SQLException ex) {
	out.println("\nERROR:------ SQLException -----\n");
        while (ex != null) {
            out.println("Message: " + ex.getMessage() + "<br>");
            out.println("SQLState: " + ex.getSQLState() + "<br>");
            out.println("ErrorCode :" + ex.getErrorCode());
            ex = ex.getNextException();
        }
    } catch (Exception e) {
        e.printStackTrace();        
} finally {
    try {	
    if (con != null)
        con.close();
	} catch (SQLException ex) {
            out.println("\nERROR:------ SQLException -----\n");
            out.println("Message: " + ex.getMessage());
            out.println("SQLState: " + ex.getSQLState());
            out.println("ErrorCode :" + ex.getErrorCode());
        }
            }
    }
    public void doPost(HttpServletRequest request,
                                HttpServletResponse response)
          throws ServletException, IOException {
              doGet(request, response);
        }
}